Typically, welcoming new employees involves explaining the company’s policies, filling out paperwork, and discussing the benefits available. The importance of cybersecurity tends to be overlooked during this process. Organizations need to be aware that their employees are one of their biggest security risks. They are one of the entry points for hackers to get into the company network. All it takes is leaving a computer unlocked, unsecured passwords, or clicking on an infected email to bring the system down.
University of Kansas Hacked
For example, a few years ago, University of Kansas’ employees were victimized by an email phishing attack. Employees were notified via email that their payroll information needed to be updated. As a result, their paycheck was redirected to a hacker’s bank account after they supplied this information.
Companies need to integrate cybersecurity into their culture as a standard practice.
Employee Onboarding Cybersecurity Checklist
⬜ Password protection- Ensure that your staff’s credentials are complicated to make it difficult for hackers to figure out. Supplement credentials with Multi-Factor Authentication (MFA).
⬜ Educate staff on how to identify phishing emails – Invalid web domains, misspellings, and asking for financial or private information are just a few of the red flags to look out for. Train your staff on how to identify phishing emails right from the get-go.
⬜ Your new hire packet should include a device use policy – Restrict personal use of company-owned devices. Make sure the policies are understood and the document signed and dated.
⬜ Set user privileges- Only allow staff to access data needed to perform their job.
⬜ Require locking the screen when leaving their computer unattended.
⬜ Use a password manager– Never allow passwords to be written on sticky notes.
⬜ Procedures for securely disposing of documents- Also ensure printed documents are picked up as soon as it prints out and not left out long enough for prying eyes.
⬜ Incident reporting – Establish clear procedures for handling security breaches if they happen.
⬜ Physical security- Physical access to the office is just as vulnerable to crime as electronic access. Provide employees with keycards or electronic codes for gaining access to the building.
You can mitigate future security risks by incorporating cybersecurity into your onboarding process. It is also important to maintain cybersecurity awareness by conducting periodic training, making employees aware of the latest threats, and performing phishing email simulations.
If you need help implementing these steps, we will be happy to help. Contact Us.